[{"data":1,"prerenderedAt":28},["ShallowReactive",2],{"article-laravel-passport-generate-access-token-without-entering-the-password":3},{"id":4,"title":5,"slug":6,"summary":7,"thumbnail":8,"category":9,"tags":15,"categoryId":10,"tagIds":22,"date":23,"updatedAt":24,"views":25,"readingTime":26,"content":27},"UYlA3eSKjMVUTwFWBWx1","Laravel passport generate access_token without entering the password","laravel-passport-generate-access-token-without-entering-the-password","Currently, I am working on Single Sign-On (SSO) and face the problem generating access_token without entering the user’s password","https://miro.medium.com/v2/resize:fit:720/format:webp/0*0VZB2KjdhMT1tNYS",{"id":10,"createdAt":11,"name":12,"description":13,"updatedAt":11,"slug":14},"Gxt2q3kFYWvJFkbBBB2R","2025-12-31T00:34:45.475Z","Laravel","the PHP framework for artisan","laravel",[16],{"id":17,"name":18,"createdAt":19,"updatedAt":19,"slug":20,"color":21},"9Khr7YK7PuRT6KT1rPsk","PHP","2025-12-31T00:31:02.077Z","php","#336699",[17],"2026-01-01T12:22:23.484Z","2026-01-01T12:26:24.380Z",3,2,"I tried to find the existing laravel package to solve my problem but still not and then I returned to [laravel docs](https://laravel.com) and read the [Laravel Passport](https://laravel.com/docs/7.x/passport) for more detail.\n\nOn the [section](https://laravel.com/docs/7.x/passport#customizing-the-username-field), you will see\n\n> When authenticating using the password grant, Passport will use the email attribute of your model as the \"username\". However, you may customize this behavior by defining a findForPassport method on your model:\n\n```php\n\u003C?php\n\nnamespace App;\n\nuse Illuminate\\Foundation\\Auth\\User as Authenticatable;\nuse Illuminate\\Notifications\\Notifiable;\nuse Laravel\\Passport\\HasApiTokens;\n\nclass User extends Authenticatable\n{\n use HasApiTokens, Notifiable;\n /**\n * Find the user instance for the given username.\n *\n * @param string $username\n * @return \\App\\User\n */\n public function findForPassport($username)\n {\n return $this->where('username', $username)->first();\n }\n}\n```\n\nand block this code:\n\n> [Customizing The Password Validation](https://laravel.com/docs/7.x/passport#customizing-the-password-validation)\nWhen authenticating using the password grant, Passport will use the password attribute of your model to validate the given password. If your model does not have a password attribute or you wish to customize the password validation logic, you can define a validateForPassportPasswordGrant method on your model:\n\n```php\n\u003C?php\n\nnamespace App;\n\nuse Illuminate\\Foundation\\Auth\\User as Authenticatable;\nuse Illuminate\\Notifications\\Notifiable;\nuse Illuminate\\Support\\Facades\\Hash;\nuse Laravel\\Passport\\HasApiTokens;\n\nclass User extends Authenticatable\n{\n use HasApiTokens, Notifiable;\n /**\n * Validate the password of the user for the Passport password grant.\n *\n * @param string $password\n * @return bool\n */\n public function validateForPassportPasswordGrant($password)\n {\n return Hash::check($password, $this->password);\n }\n}\n```\n\nyou just register `validateForPassportPasswordGrant($password)` method on the user model and then return `true`.\n\nAfter that, you need to create methods which allow you can anywhere if you need with the code:\n\n```php\npublic function getTokenWithoutPassword($username)\n{\n $client = DB::table('oauth_clients')\n ->where('password_client', true)\n ->get()[0];\n $data = [\n 'grant_type' => 'password',\n 'client_id' => $client->id,\n 'client_secret' => $client->secret,\n 'username' => $username,\n 'password' => 'what-is-your-password', // just leave whatever string\n 'scope' => '',\n ];\n $response = Request::create(url('/oauth/token'), 'POST', $data);\n return json_decode(app()->handle($response)->getContent());\n}\n```\n\nthis method will the result:\n\n```json\n{\n \"token_type\": \"Bearer\",\n \"expires_in\": xxxx,\n \"access_token\": \"xxxx\",\n \"refresh_token\": \"xxxx\",\n}\n```",1780799669228]